LISTING OF CLAIMS

1. (currently amended) A method for providing a
protocol layer firewall for an endpoint in a distributed 
network comprising at least one server having at least an 
object request broker and a usage based firewall manager and 
a plurality of computing locations each having at least one 
endpoint, comprising the steps of: 

receiving a protocol request from an application
requesting a protocol-specific Application Action Object
(AAO) from the at least one server;

decoding the endpoint to determine a physical
network address for said endpoint;

creating an AAO with said decoded information; 

registering the protocol request with the usage based
firewall manager to obtain a session number
for said AAO;

adding the session number to the AAO; and 

returning the AAO to the application to operate as a
protocol-specific firewall at said endpoint.

2. (original) The method of Claim 1 further
comprising monitoring the protocol usage at the endpoint.

3. (original) The method of Claim 2 wherein said
monitoring of the protocol usage comprises the steps of: 

said application executing an action method on said
AAO;

routing the AAO to a responsible gateway in response to 
said action method; and 

notifying the usage based firewall manager that the 
protocol has been used. 

4. (original) The method of Claim 3 further 
comprising the step of determining if continued usage of the 
AAO at the endpoint is permissible.

5. (original) The method of Claim 4 wherein said 
determining comprises the steps of: 

retrieving stored maximums of requests for the protocol 
and application; 

obtaining a current request count for the protocol and 
application; 

comparing the current count to the configured maximum;
and

notifying the application of the results of said 
comparing. 

6. (original) The method of Claim 4 further
comprising ceasing usage of said AAO based on said
determining.

7. (original) The method of claim 5 further 
comprising ceasing usage of said AAO based on said 
determining. 



8. (original) The method of Claim 6 further
comprising identifying an alternative endpoint to said
application.

9. (original) The method of Claim 7 further
comprising identifying an alternative endpoint to said
application.



10. (currently amended) A system for providing a 
protocol layer firewall for an endpoint in a distributed 
network in response to an application request comprising:

at least one object request broker for creating at
least one application action object comprising a
protocol-specific firewall in response to an application
request; and

a usage based firewall manager for establishing a
session for monitoring said at least one application action 
object at said endpoint. 

11. (original) The system of Claim 10 further 
comprising at least one decoder component for decoding the
endpoint.

12. (original) The system of Claim 10 further 
comprising monitoring means for monitoring the protocol 
usage at the endpoint. 

13. (original) The system of Claim 12 wherein said 
monitoring means comprises at least one logical gateway for 
detecting action requests at said application action object 
and for notifying the usage based firewall manager that the 
protocol has been used. 

14. (original) The system of Claim 13 wherein said 
usage based firewall manager further comprises a determining 
component for determining if continued usage of the AAO at 
the endpoint is permissible. 

15. (original) The system of claim 14 further
comprising at least one storage location for storing 
configuration information regarding maximum requests per 
endpoint and wherein said determining component includes a 
comparator for comparing the current count of requests at 
the endpoint to the stored maximum requests for that 
endpoint.

16. (original) The system of Claim 14 further 
comprising means for identifying at least one alternative 
endpoint to said application. 

17. (currently amended) A program storage device 
readable by machine, tangibly embodying a program of 
instructions executable by the machine to perform method 
steps for providing a protocol layer firewall for an 
endpoint in a distributed network comprising at least one 
server having at least an object request broker and a usage 
based firewall manager and a plurality of computing 
locations each having at least one endpoint, said method 
comprising the steps of: 

receiving a protocol request from an application
requesting a protocol-specific Application Action Object
(AAO) at the at least one server;

decoding the endpoint to determine a physical
network address for said endpoint;

creating an AAO with said decoded information;

registering the protocol request with the usage based
firewall manager to obtain a session number
for said AAO;

adding the session number to the AAO; and

returning the AAO to the application to operate as a
protocol-specific firewall at said endpoint.

18. (original) The program storage device of Claim 17 
wherein said method further comprises monitoring the 
protocol usage at the endpoint. 

19. (original) The program storage device of claim 18 
wherein said method further comprises the steps of: 

determining if continued usage of the AAO at the 
endpoint is permissible; and

notifying the application about the results of said 
determining. 

20. (original) The program storage device of Claim 19 
wherein said determining method comprises the steps of: 

retrieving stored maximums of requests for the protocol
and application; 

obtaining a current request count for the protocol and 
application; and 

comparing the current count to the configured maximum. 

21. (original) The program storage device of Claim 19 
wherein said method further comprises monitoring activity at 
a plurality of endpoints and identifying at least one 
alternative endpoint to said application. 